Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
The WebKit browser engine contains a use-after-free vulnerability in its GraphicsContext function. Malicious web page code could trigger a use-after-free error, which could lead to a potential information leak and memory corruption. An attacker could exploit this vulnerability by tricking the user into visiting a specially crafted, malicious web page.
In accordance with our coordinated disclosure policy, Cisco Talos worked with WebKit to ensure that this issue is resolved and that an update is available for affected customers.
Vulnerability details
WebKit WebCore::GraphicsContext use-after-free vulnerability (TALOS-2021-1238/CVE-2021-21779)
A use-after-free vulnerability exists in the way WebKit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.
For more information on this vulnerability, read the complete advisory here.
Versions tested
Talos tested and confirmed that WebKit WebKitGTK version 2.30.4 is affected by this vulnerability.
Coverage
The following SNORT® rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 57134 and 57135